package com.nanxun.Impl;

import com.alibaba.nacos.common.utils.StringUtils;
import com.nanxun.constant.AuthConstants;
import com.nanxun.factory.LoginStrategyFactory;
import com.nanxun.strategy.LoginStrategy;
import io.netty.util.internal.StringUtil;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import java.util.Enumeration;

/**
 * 项目自己的认证流程
 * */

@Service
public class UserDetailsServiceImpl  implements UserDetailsService {

    @Autowired
    private LoginStrategyFactory loginStrategyFactory;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        //获取请求对象
        ServletRequestAttributes requestAttributes =(ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = requestAttributes.getRequest();
        //从请求头中获取登录类型
        String loginType = request.getHeader(AuthConstants.LOGIN_TYPE);
        //判断请求来自哪个系统
       /* if(AuthConstants.SYS_USER_LOGIN.equals(loginType)){
        //商城后台管理系统流程
        }else {
        //商城用户购物系统流程
        }//使用策略模式和工厂模式，不要写成屎山代码*/
        if (!StringUtils.hasText(loginType)) {
        throw new InternalAuthenticationServiceException("非法登录，登录类型不匹配");
        }
        //通过登录策略工厂获取具体的登录策略对象
        LoginStrategy instance = loginStrategyFactory.getInstance(loginType);
        return instance.realLogin(username);
    }
}
  /*      httpSecurity.userDetailsService(userDetailsService)
                .cors(cors->{ cors.disable();})
                .csrf(csrf->{ csrf.disable();})
                .sessionManagement(session->{ session.sessionCreationPolicy(SessionCreationPolicy.STATELESS);})
                .formLogin(formLogin-> {
                            formLogin.loginProcessingUrl(AuthConstants.LOGIN_URL)//设置登录URL
                                    .successHandler(authenticationSuccessHandler())//设置登录成功处理器
                                    .failureHandler(authenticationFailureHandler());//设置登录失败处理器
                })
                .logout(logout-> {
                    logout.logoutUrl(AuthConstants.LOGOUT_URL)//设置登出URL
                            .logoutSuccessHandler(LogoutSuccessHandler());//设置登出成功处理器
                })
                //要求所有请求都需要进行身份的认证
                .authorizeHttpRequests(authorizeHttpRequests->{
                    authorizeHttpRequests.anyRequest().authenticated();
                });
             return   httpSecurity.build();
        */